Skip to content
Extraits de code Groupes Projets
Sélectionner une révision Git
  • 2fd3de10ab965655376fa5327355d696f99b818e
  • 14.0 par défaut
  • 12.0 protégée
  • 13.0
4 résultats

scop_bordereau_refund_wizard.py

Blame
  • nextcloud.yaml.j2 4,72 Kio
    version: '2.1'
    
    services:
      nextcloud:
        image: nextcloud:{{ nextcloud_version }}
        container_name: nextcloud
        restart: unless-stopped
        depends_on:
          - db
          - redis
    {% if restrict_internet_access %}
          - apps
          - notifs
    {% endif %}
        environment:
          - MYSQL_DATABASE=nextcloud
          - MYSQL_USER=nextcloud
          - MYSQL_PASSWORD={{ cloud_db_pass }}
          - MYSQL_HOST=db
          - NEXTCLOUD_ADMIN_USER={{ cloud_admin_user }}
          - NEXTCLOUD_ADMIN_PASSWORD={{ cloud_admin_pass }}
          - REDIS_HOST=redis
        volumes:
          - nextcloud:/var/www/html:z
        networks:
          default:
          inverseproxy_shared:
    {% if restrict_internet_access %}
          proxy:
    {% endif %}
        labels:
          traefik.enable: "true"
          # Middleware cloud-dav replaces .well-known paths for caldav and carddav with proper nextcloud path
          traefik.http.middlewares.cloud-dav.replacepathregex.regex: "^/.well-known/ca(l|rd)dav"
          traefik.http.middlewares.cloud-dav.replacepathregex.replacement: "/remote.php/dav/"
          traefik.http.routers.cloud.middlewares: "cloud-dav@docker"
          traefik.http.routers.cloud.rule: "Host(`{{ cloud_url }}`)"
          traefik.http.routers.cloud.service: "cloud"
          traefik.http.services.cloud.loadbalancer.server.port: "80"
    
      db:
        image: mariadb:{{ nextcloud_db_version }}
        container_name: nextcloud_db
        command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
        restart: unless-stopped
        environment:
          - MYSQL_ROOT_PASSWORD={{ cloud_db_root }}
          - MYSQL_USER=nextcloud
          - MYSQL_PASSWORD={{ cloud_db_pass }}
          - MYSQL_DATABASE=nextcloud
        volumes:
          - mysql:/var/lib/mysql:z
    
      redis:
        image: redis:alpine
        container_name: nextcloud_redis
        restart: unless-stopped
        volumes:
          - redis:/var/lib/redis:z
    
    {% if cloud_onlyoffice %}
      onlyoffice:
        image: onlyoffice/documentserver:latest
        container_name: nextcloud_onlyoffice
        restart: unless-stopped
        stdin_open: true
        networks:
          default:
          inverseproxy_shared:
        volumes:
          - document_data:/var/www/onlyoffice/Data
          - document_log:/var/log/onlyoffice
        labels:
          traefik.enable: "true"
          traefik.http.middlewares.cloud-onlyoffice-xforwarded.headers.customrequestheaders.X-Forwarded-Proto: "https"
          traefik.http.routers.cloud-onlyoffice.middlewares: "cloud-onlyoffice-xforwarded"
          traefik.http.routers.cloud-onlyoffice.rule: "Host(`{{ cloud_onlyoffice_url }}`)"
          traefik.http.routers.cloud-onlyoffice.service: "cloud-onlyoffice"
          traefik.http.services.cloud-onlyoffice.loadbalancer.server.port: "80"
    
    {% endif %}
    {% if cloud_collabora %}
      collabora:
        image: collabora/code
        container_name: nextcloud_collabora
        restart: unless-stopped
        environment:
          - domain={{ cloud_url|replace(".","\\\.") }}
          - username={{ cloud_collabora_admin_user }}
          - password={{ cloud_collabora_admin_pass }}
          - dictionaries=fr_FR
          - extra_params=--o:logging.level=warning --o:ssl.enable=false --o:ssl.termination=true
        cap_add:
          - MKNOD
        networks:
          inverseproxy_shared:
        labels:
          traefik.enable: "true"
          traefik.http.routers.cloud-collabora.rule: "Host(`{{ cloud_collabora_url }}`)"
          traefik.http.routers.cloud-collabora.service: "cloud-collabora"
          traefik.http.services.cloud-collabora.loadbalancer.server.port: "9980"
    
    {% endif %}
    {% if restrict_internet_access %}
      apps:
        image: tecnativa/whitelist
        container_name: nextcloud_apps
        networks:
          proxy:
            aliases:
              - "apps.nextcloud.com"
          public:
        environment:
          TARGET: "apps.nextcloud.com"
          PRE_RESOLVE: 1
        restart: unless-stopped
    
      notifs:
        image: tecnativa/whitelist
        container_name: nextcloud_notifs
        networks:
          proxy:
            aliases:
              - "push-notifications.nextcloud.com"
          public:
        environment:
          TARGET: "push-notifications.nextcloud.com"
          PRE_RESOLVE: 1
        restart: unless-stopped
    {% for server in extra_cloud_urls %}
    
      {{ server.url }}:
        image: tecnativa/whitelist
        container_name: nextcloud_{{ server.url }}
        networks:
          proxy:
            aliases:
              - "{{ server.url }}"
          public:
        environment:
          PORT: "{{ server.port }}"
          TARGET: "{{ server.url }}"
          PRE_RESOLVE: 1
        restart: unless-stopped
    {% endfor %}
    
    {% endif %}
    networks:
        default:
            internal: true
            driver_opts:
                encrypted: 1
    {% if restrict_internet_access %}
        proxy:
            internal: true
            driver_opts:
                encrypted: 1
        public:
            driver_opts:
                encrypted: 1
    {% endif %}
        inverseproxy_shared:
            external: true
    
    volumes:
        nextcloud:
        mysql:
        redis:
    {% if cloud_onlyoffice %}
        document_data:
        document_log:
    {% endif %}